Skip to content

pip-audit brew packages #1036

pip-audit brew packages

pip-audit brew packages #1036

Workflow file for this run

name: pip-audit brew packages
on:
workflow_dispatch:
schedule:
- cron: '0 8 * * *'
jobs:
audit:
runs-on: macos-latest
permissions:
# NOTE: Needed to push to the repository.
contents: write
steps:
- name: Check out this repo
uses: actions/checkout@v4
with:
fetch-depth: 0
# credentials intentionally persisted for git operations below
persist-credentials: true
- uses: actions/setup-python@v5
with:
python-version: "3.x"
- name: Set up Homebrew
id: set-up-homebrew
uses: Homebrew/actions/setup-homebrew@master
with:
core: true
cask: false
test-bot: false
- name: Configure Homebrew, install dependencies
run: |
brew developer on
brew install osv-scanner
brew untap --force hashicorp/tap || true
- run: brew ruby formula2requirements.rb
env:
HOMEBREW_NO_AUTO_UPDATE: 1
HOMEBREW_NO_INSTALL_FROM_API: 1
HOMEBREW_EVAL_ALL: 1
- run: python3 pip-audit-bulk
- name: Commit and push if it changed
run: |-
git config user.name "github.actions"
git config user.email "[email protected]"
git add -A
timestamp=$(date -u)
git commit -m "Latest data: ${timestamp}" || exit 0
git push
auto-pr:
needs: [audit]
uses: ./.github/workflows/auto-pr.yml
secrets: inherit